I have an 'old' Postfix 2.1 Centos 6 server, all running well, looking at setting a more up to date server and Postfix
old server was not installed by me, just now I've realized I have policy deamon I was not aware of (obviously was running OK...) from main.cf ... smtpd_recipient_restrictions = reject_unknown_sender_domain, reject_unknown_recipient_domain, reject_non_fqdn_sender, reject_non_fqdn_recipient, reject_unlisted_recipient, check_policy_service inet:127.0.0.1:7777, permit_mynetworks, check_sasl_access hash:/etc/postfix/sasl_access permit_sasl_authenticated, ... Q1: in a multi line config like this, is it possibly to comment out one line in place like so? smtpd_recipient_restrictions = reject_unknown_sender_domain, reject_unknown_recipient_domain, reject_non_fqdn_sender, reject_non_fqdn_recipient, reject_unlisted_recipient, # check_policy_service inet:127.0.0.1:7777, permit_mynetworks, check_sasl_access hash:/etc/postfix/sasl_access permit_sasl_authenticated, ... Q2: is there a way to assess from maillogs? effectiveness ? what else ? that this deamon has ? I also have policyd 1.x running on this server reading docs for the port 7777 deamon, it's "iRedAPD" which I gather it's a similar to the policyd reading further, "iRedMail and iRedAdmin-Pro completely drop support for Cluebringer, if you're still running Cluebringer, please migrate to iRedAPD by following our tutorial." as I'm still using policyd 1.x, I was hoping to move to policyd 2.x, reading above, that apparently is no longer developed Q3: what are my options to update from policyd 1.x to (greylist, throttling, what else should I look at ?) lastly, in current setup, I have the two policy deamons in two places: before permit mynetworks, and, as last where should it be? smtpd_recipient_restrictions = reject_unknown_sender_domain, reject_unknown_recipient_domain, reject_non_fqdn_sender, reject_non_fqdn_recipient, reject_unlisted_recipient, check_policy_service inet:127.0.0.1:7777, permit_mynetworks, check_sasl_access hash:/etc/postfix/sasl_access permit_sasl_authenticated, reject_unauth_destination, check_recipient_access hash:/etc/postfix/recipient_no_checks, check_recipient_access pcre:/etc/postfix/recipient_checks.pcre, check_helo_access hash:/etc/postfix/helo_checks, check_sender_access hash:/etc/postfix/sender_checks, check_client_access hash:/etc/postfix/client_checks, check_client_access pcre:/etc/postfix/client_checks.pcre, reject_rbl_client zen.spamhaus.org, reject_rhsbl_client dbl.spamhaus.org, reject_rhsbl_sender dbl.spamhaus.org, reject_rbl_client psbl.surriel.com, reject_rbl_client ix.dnsbl.manitu.net, reject_rbl_client bl.spamcop.net, check_policy_service inet:127.0.0.1:10031 thanks for any help and pointers (I've copied this server's 2.1 settings to new server's 3.x install and, slowly aim to bring it on line, undoubtedly more stupid question to follow) Voytek
